All Topics

Learn Splunk

All Topics

How does DB Agent Discover Nodes in an Oracle RAC Architecture   This guide explains how the DB agent discovers nodes within an Oracle RAC architecture. An understanding of this will help with trou... See more...
How does DB Agent Discover Nodes in an Oracle RAC Architecture   This guide explains how the DB agent discovers nodes within an Oracle RAC architecture. An understanding of this will help with troubleshooting when the DB agent runs into issues during this process.   Prerequisites System requirements: 512 MB of min and max heap per node/instance + 1GB License requirements: 1 License unit per node. Note: Disabling a collector consumes 1 License unit irrespective of the number of nodes Enable auto discovery of the nodes through the JVM flag shown below. This will allow the DB agent to discover the nodes through the process shown in this article. If the value is true, the agent will monitor the DB as a standalone using the collector configuration. -Ddbagent.oracle.cluster.discovery.disabled="false"   Note: DB agent will determine the flow by extracting details using all queries shown below from the DB server. This logic is inbuilt in the agent.   DB Agent Flow Before Node Discovery Occurs An initial connection is made by using the connection details provided in the collector If the initial connection is successful, DB agent will verify if DB is cluster-based using the query shown below If value is true –> start node discovery If value is false –> monitor DB using the initial connection (from step 1) SELECT value FROM v$parameter WHERE name='cluster_database’.   DB Agent Flow While Node Discovery Occurs for Cluster-Based DB 1. Verify if cluster is a PDB or CDB type using the below query (the values in this query will be used during the mode connections that are mentioned later in this article) select decode(sys_context('USERENV', 'CON_NAME'),'CDB$ROOT',sys_context('USERENV', 'DB_NAME'), sys_context('USERENV', 'CON_NAME')) DB_NAME, decode(sys_context('USERENV','CON_ID'),0,'CDB',1,'CDB','PDB') TYPE, sys_context('USERENV', 'SERVICE_NAME') service_name from DUAL​ *Oracle Document for reference: https://docs.oracle.com/en/database/oracle/oracle-database/19/multi/viewing-information-about-cdbs-and-pdbs-with-sql-plus.html 2. Retrieve nodes from the cluster: select i.inst_id, i.instance_name, utl_inaddr.get_host_address(i.host_name), p.value from gv$instance i LEFT JOIN gv$parameter p ON (p.inst_id = i.inst_id AND p.name = 'local_listener'); If above query is unsuccessful, use the one below: select i.inst_id, i.instance_name, i.host_name, p.value from gv$instance i LEFT JOIN gv$parameter p ON (p.inst_id = i.inst_id AND p.name = 'local_listener'); * The values from local listener is derived from listener.ora file, located in $ORACLE_HOME directory. 3. Using the output from above, DB agent will try to connect to each individual node using the different modes described below If type is PDB, service name from the query in Step 1 will be used If type is CDB, instance name from the query in Step 2 will be used DB agent will make a connection using the host, port, and instance or service name. See below table for more details on where the host and port is coming from Each mode connection will be tried sequentially until there is a successful one Connection Type Host name from Collector Config Host Name from Query (value from column 3) Host Name from Query (value from TNS entry - column 4) Port from Collector Config   Port from Query (value from TNS entry - column 4 or default port used if empty) Mode1           Mode2       Mode3       Mode4       * Pass  JVM argument -Ddbagent.oracle.cluster.discovery.mode={Mode1 or Mode2, etc} during agent startup to only use a specific mode connection. Not recommended unless a specific connection is required 4.  If none of the modes are successful, monitoring will not occur   Troubleshooting  Most issues seen in the agent logs are related to connection issues at a collector level or at a node level. Check the connection for each node using the username of the DB agent. Refer to the table to understand which host and port to use. telnet [host] [port] curl -v [host]:[port] Conclusion By reading this guide, you should have a better understanding of how DB agent flows when an Oracle RAC collector type has been created. This should help with troubleshooting if issues arise with the help of your DBA. If you continue to experience issues, please contact support for further assistance.
Are you ready to take your Splunk skills to the next level? Get set, because Splunk University is back, and this year we’re delivering the ultimate in-person learning experience right in the heart of... See more...
Are you ready to take your Splunk skills to the next level? Get set, because Splunk University is back, and this year we’re delivering the ultimate in-person learning experience right in the heart of Boston! Join us September 6–8, 2025, at the Boston Convention & Exhibition Center for three days packed with expert-led, hands-on sessions that will deepen your Splunk mastery like never before. Expert guidance and support This isn’t your average technical training opportunity. Splunk University is designed with Splunk Education experts to guide you through interactive workshops, live labs, and deep dives to sharpen your skills and boost your confidence. You’ll collaborate face-to-face with experienced Splunkers, solve real-world challenges, and walk away empowered to tackle your biggest data projects. Early Bird Pricing is live Don’t miss the chance to lock in your spot (and savings) for this one-of-a-kind educational adventure. Early Bird registration closes June 9 at 11:59 p.m. PT.  All registration details, pricing, and package information are detailed here. Attend .conf25 with confidence Plus, by attending Splunk University, you’ll roll right into .conf25 (September 8–11) with new skills, new insights, and new connections — ready to make the most of the entire Splunk Boston experience. There’s no better time to invest in your growth. We can’t wait to welcome you for an unforgettable, hands-on learning journey in Boston! Learn more about the full .conf25 experience here. Happy Learning! – Callie Skokos on behalf of the Splunk Education Crew
April 2025 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with this month’s edition of indexEducation, the newsletter that takes an untraditional twist on ... See more...
April 2025 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with this month’s edition of indexEducation, the newsletter that takes an untraditional twist on what’s new with Splunk Education. We hope the updates about our courses, certification program, and self-paced training will feed your obsession to learn, grow, and advance your careers. Let’s get started with an index for maximum performance readability: Training You Gotta Take | Things You Needa Know | Places You’ll Wanna Go Training You Gotta Take The latest | Mastering Splunk Data Management Techniques Is it pronounced day-ta or da-ta? No matter how you say it, one thing's clear—data is king. In this four-day, instructor-led course, you’ll take your data administration basics to the next level. This hands-on experience dives deep into the art and science of managing data and data ingestion. From designing ingestion pipelines to optimizing them for peak performance, you'll walk away with the technical know-how to master Splunk data with confidence and never have to justify how you pronounce data again.  Gotta take the latest | New release for mastering data   Last minute | We’ve got a seat for you Shout out to everyone who’s tech-ed-curious! We’re back with Last Minute Learning opportunities! If you’re one of those people who needs a pressing deadline to get motivated, then hurry up and register for open seats in some of our most popular classes. Each week, we share a list of the upcoming instructor-led classes that still have seats available. Just register with your Splunk.com account and use your company training units or a credit card to purchase.  Gotta get to class | Last minute opportunities Things You Needa Know New video | Tom hits all the right notes on Smartness Splunk user by day, pianist by passion—Tom Kopchak finds balance and harmony in his career by growing his Splunk expertise. In our latest Smartness Series video, Tom shares his journey with Splunk Education and the Splunk Community. From tuning Splunk in his own organization to striking a chord of lifelong learning, Tom is inspiring and insightful. Get to know Tom as he shares his best practices.  Needa know Tom’s secret to success | Watch the video Splunk Academic Alliance | Bringing you stronger colleagues right out of college Imagine this…you're working in a high-pressure Security Operations Center and the new grad just hired to work with you already knows their way around Splunk, can triage threats using ES, and automate responses with SOAR. That’s the power of the newly expanded Splunk Academic Alliance. This is a game-changer for future teammates, hiring managers, and the entire security community. We’re helping to develop your future cyber peers with Splunk Education and Splunk Academic Alliance – turning imagination into reality. Needa know what’s new | Expanded program supports security Places You’ll Wanna Go Lantern Lunch n’ Learns | Bringing Splunk know-how to the table  Splunkers love sharing with the community—and they do it best using the Lantern platform. This month, Lantern is sharing insights from Splunk’s Lunch ’n Learn series – serving up insights from seasoned Splunkers eager to share real-world insights from the inside. These peer-led sessions cover everything from workload management to Enterprise Security correlation searches to freezing and thawing data buckets. Dig into a satisfying helping of Splunk expertise on the blog.  Wanna go to lunch | Lantern has a menu of knowledge Splunk University | Coming to Boston - September 6-8 .conf25 is Splunk’s most anticipated event of the year, with the Splunk University traditionally kicking off the excitement. If your job is about keeping your organization secure, reliable, and moving at the speed of innovation, then you definitely cannot miss this learning experience. Save the date for three days of deep learning with Splunk University hands-on training, empowering sessions, compelling keynotes, and interactive experiences, plus enjoy opportunities to connect with peers and have tons of fun. Join us in Boston this year for a wicked good time!  Gotta go to Boston | It’s the new home of Splunk University Find Your Way | Learning Bits and Breadcrumbs Go Chat | Join our Community User Group Slack Channel Go Stream It  | The Latest Course Releases (Some with Non-English Captions!) Go Last Minute | Seats Still Available for ILT Go to STEP | Get Upskilled Go Discuss Stuff | Join the Community Go Social | LinkedIn for News Go Index It | Subscribe to our Newsletter   Thanks for sharing a few minutes of your day with us – whether you’re looking to grow your mind, career, or spirit, you can bet your sweet SaaS, we got you. If you think of anything else we may have missed, please reach out to us at indexEducation@splunk.com.  Answer to Index This: The minus sign. Place minus (-) between 555 and 55 to make this equation: 555 – 55 = 500.
Hi people, I'm a fresher who working on Splunk. I want to learn Splunk and Splunk related troubleshooting method. Especially about how to analyze the Splunk diag file.  So, As a experienced one... See more...
Hi people, I'm a fresher who working on Splunk. I want to learn Splunk and Splunk related troubleshooting method. Especially about how to analyze the Splunk diag file.  So, As a experienced one, What kind of advise you guys will give to me about Splunk? and if possible please guide me about how do I master Splunk. How do I grow my carrier though this? Also about where do I learn about Splunk diag?  
I'm currently doing the training modules for core certified user. After every module there is a short quiz. After I complete the quiz it shows me my pass/ fail percentage but not which questions I go... See more...
I'm currently doing the training modules for core certified user. After every module there is a short quiz. After I complete the quiz it shows me my pass/ fail percentage but not which questions I got right or wrong. I would like to know which questions I got wrong and what the correct answer was.  Is that how Splunk  has set up these modules? Or is it an error on my part?   It helps so much more if I could see which questions I got wrong or right. Anybody else having this problem? 
Hello,   I apologize since this isn't probably the right place to seek help for this issue, but I couldn't find a way to seek support since I couldn't find an option for account support in the case... See more...
Hello,   I apologize since this isn't probably the right place to seek help for this issue, but I couldn't find a way to seek support since I couldn't find an option for account support in the case category.   I created an account so I can access learning material. However, when I clicked on the verify account link in the email, I got an error that the link has expired, even though I instantly opened the email once I've received it.   I was able to login to Splunk, tried to find a verify option, but I couldn't see it.   I'd appreciate any guidance on how to seek support or if I can find a verification option in the account settings.   Thank you.
At Splunk Education, we’re driven by curiosity—both ours and yours! That’s why we’re committed to delivering engaging learning experiences for every skill level and learning style.  A variety of le... See more...
At Splunk Education, we’re driven by curiosity—both ours and yours! That’s why we’re committed to delivering engaging learning experiences for every skill level and learning style.  A variety of learning options From free eLearning, to eLearning with Labs, to Instructor-led Courses (ILT), we’re here for your curiosity, whether you appreciate self-paced options or interactive, expert-led sessions. For quick tips and insights, you can also go social with our Splunk YouTube How-Tos and dig deeper into use case tips by accessing articles on Splunk Lantern.   The latest in our catalog We’re thrilled to announce the latest additions to our course catalog! Every month, we release fresh content to keep you ahead of the curve.  This month, we’re unveiling a new ILT course to support our platform, Splunk Enterprise: Mastering Splunk Data Management Techniques (Enroll) We are also excited to introduce three new eLearning with Labs courses to support Splunk Security:  SOC Essentials: Introduction to Threat Hunting (Enroll)  Developing Splunk SOAR Playbooks in the Visual Playbook Editor (Enroll)  Implementing Splunk SOAR Community Playbooks (Enroll)  These courses provide essential insights into areas like data analytics and security operations, crucial for anyone looking to enhance their Splunk proficiency capabilities. Explore all of our offerings here in the Splunk Course Catalog.  Every month brings new learning opportunities to expand your knowledge, boost your career, and strengthen enterprise resilience. Stay on top of the latest course offerings and take the next step toward Splunk mastery – your next career breakthrough could be just one course away. We look forward to seeing you next month! — Callie Skokos on behalf of the Splunk Education Crew
Hi Splunkers! I’m excited to share a quick tip for all community leaders and tech enthusiasts trying to build a personal brand that reflects their professionalism and vision. As an active commun... See more...
Hi Splunkers! I’m excited to share a quick tip for all community leaders and tech enthusiasts trying to build a personal brand that reflects their professionalism and vision. As an active community organizer and aspiring Splunk User Group Leader in Kanpur, I realized how important visual presentation is. Whether you're creating your community profile, speaking at an event, or sharing your ideas online—your image matters. So, I worked on a refined professional look using one of my photographs. Here's the transformation: Attached Image 🧠 Tips I followed: Opted for a clean, bright background to keep the focus on me. Chose a light-colored formal suit over a dark shirt for contrast. Kept the edit minimal but effective—clear, confident, and community-ready. This makeover helped me feel more confident when presenting myself in Splunk Community spaces, and I hope it inspires you too. Let me know what you think or share your branding tips in the comments! Thanks for reading! — Ashu Patel Kanpur, India Future Splunk UG Leader
The Splunk Community is more than just an online forum — it’s a network of passionate users, administrators, and organizations sharing intelligence and experience to solve real-world challenges. One ... See more...
The Splunk Community is more than just an online forum — it’s a network of passionate users, administrators, and organizations sharing intelligence and experience to solve real-world challenges. One of the latest challenges we’re trying to solve is the cybersecurity talent gap – training the next generation of cybersecurity professionals who will soon be working shoulder-to-shoulder with community members like you. Supporting students, faculty, and IT staff That’s where the Splunk Academic Alliance comes in. This evolving program is helping bridge the gap between classroom learning and real-world impact by giving students and faculty free access to Splunk’s industry-leading software, hands-on training, and Splunk certification. It's not just about teaching tools—it's about preparing students to thrive in the same environments where our community already leads. Expanding the program Since its launch, the program has empowered students, faculty, and university IT staff around the world with a 10GB Splunk Enterprise license, 21 hands-on eLearning courses with labs, and industry-recognized certifications – all at no cost. Now, we’re taking it a step further—with powerful new additions that reflect the evolving needs of today’s security landscape. As cybersecurity threats grow more complex, so must the skills we teach. That’s why we’re excited to announce that the Academic Alliance now includes Splunk Enterprise Security (ES) and the Splunk SOAR Community Edition—equipping learners with practical knowledge in two of the most in-demand areas: threat detection and automated response. What’s new Here’s what’s included in the expanded program: A renewable 10GB license for Splunk Enterprise Access to the Splunk App for Enterprise Security via Splunkbase SOAR Community Edition for hands-on experience with security orchestration and automation Free Splunk training courses for Splunk Enterprise, Splunk Enterprise Security, and SOAR that faculty can seamlessly integrate into their curriculum A Splunk Certification exam voucher to help students validate their skills Ongoing support and license renewals—all at no cost Working with you This expansion deepens our commitment to preparing students not just for graduation, but for the moment they enter the cybersecurity workforce alongside of you — ready to contribute from day one.  If you are part of a non-profit university or higher education institution or you know someone who is, we encourage you to share the website link and the benefits of this free program with them. Thank you for being part of the solution to bridging the cybersecurity talent gap.   -- Callie Skokos on behalf of the Splunk Education Crew  
Resolving AppDynamics Auto-Instrumentation Challenges in Capsule Tenant This article provides a step-by-step guide to replicating a local environment using Capsule, focusing on resolving common i... See more...
Resolving AppDynamics Auto-Instrumentation Challenges in Capsule Tenant This article provides a step-by-step guide to replicating a local environment using Capsule, focusing on resolving common issues with AppDynamics auto-instrumentation within Kubernetes namespaces. It covers the installation of Capsule, tenant creation, and namespace setup, followed by troubleshooting symptoms, diagnosis, and solutions. The guide is designed for technical community members seeking to optimize their Capsule and AppDynamics integration. How to replicate locally Install Capsule https://github.com/projectcapsule/capsule/blob/main/charts/capsule/README.md Follow the instructions to create your first tenant https://capsule.clastix.io/docs/general/getting-started#login-as-tenant-owner Create the "appdynamics" and "oil-production" namespaces; they will be attached to the same Capsule Tenant. Symptoms The Cluster Agent cannot auto-instrument any application. Diagnosis There are no AppDynamics annotations in the Deployment/StatefulSet description.   There is no AppDynamics annotation in the namespace description.   In the Cluster Agent debug logs, many errors are related to the Cluster and Capsule tenant configuration. A single ERROR and 'Adding instrumentation task' are repeated every 5 minutes. The same situation occurs in the customer environment. [ERROR]: 2025-04-03 08:56:14 - utils.go:1086 - Unable to update namespace oil-production after 4 retries [DEBUG]: 2025-04-03 08:56:14 - deploymenthandler.go:623 - Adding instrumentation task for deployment oil-production/java-app-to-instrument [DEBUG]: 2025-04-03 08:56:14 - instrumentationconfig.go:794 - rule default|java|oil-production matches Deployment java-app-to-instrument in namespace oil-production with labels map[appd_agent:enable] [DEBUG]: 2025-04-03 08:56:14 - instrumentationconfig.go:805 - Found a matching rule {default|java|oil-production .* map[appd_agent:[enable]] java first JAVA_TOOL_OPTIONS map[agent-mount-path:/opt/appdynamics alpine-init-container-image: image:docker.io/appdynamics/java-agent:25.2.0 image-pull-policy:Always] map[bci-enabled:true port:3892] 0 0 false false false false map[] map[] map[] map[] 0 false [] true} for Deployment java-app-to-instrument in namespace oil-production with labels map[appd_agent:enable] [DEBUG]: 2025-04-03 08:56:14 - instrumentationconfig.go:338 - Instrumentation state for Deployment java-app-to-instrument in namespace oil-production with labels map[appd_agent:enable] is true​   Solution Cluster Agent service accounts require additional privileges in the Capsule Tenant: Original Tenant Tenant with additional privileges for Cluster Agent service accounts. All roles available here:  https://kubernetes.io/docs/reference/access-authn-authz/rbac/#user-facing-roles I hope this article was helpful
Introduction Cisco AppDynamics On-Premises Virtual Appliance is the pinnacle of modern on-prem observability, offering IT Operations teams AI-powered capabilities for rapid anomaly detection and ro... See more...
Introduction Cisco AppDynamics On-Premises Virtual Appliance is the pinnacle of modern on-prem observability, offering IT Operations teams AI-powered capabilities for rapid anomaly detection and root cause analysis. What if you could harness all of this without the complexity and resource demands of a full production setup? Enter the AppDynamics On-Premises Virtual Appliance. Designed for simplicity and speed, it lets you test AppDynamics' powerful features in your environment with minimal hardware requirements-or scale up to a high-availability production-grade clustered environment. In this guide, we'll walk you through deploying the AppDynamics Virtual Appliance using the "Demo" profile. Whether you're looking to explore new features or establish a robust test environment, this deployment offers a hassle-free start. Let's dive in and get you up and running in no time! Getting Started Currently supported virtualization environments include: VMWare vSphere VMWare ESXi Standalone AWS EC2 Azure Virtual Machines KVM (certified on Ubuntu Server, only for small profile) For the last three deployment options, we do provide a set of helper scripts to get the VA deployment started here. In this guide, we’ll use VMWare vSphere. Single Node Installation – “Demo Profile” While the initial profiles were targeted for production and high available environments, the newly introduced “Demo” profile can be used to quickly test a new setup or feature. And it uses significantly less resources. A single node with 16vCPU, 32GB RAM, and 500GB Disk is enough to start. Depending on the number of additional services to be installed (SecureApplication, Anomaly Detection/RCA, and other services released soon) it might need a bit more RAM. For the sake of simplicity, I’ll walk through a setup with VMWare vSphere on how to quickly setup the Virtual Appliance in Standard Deployment (also known as Greenfield). Please note, the Demo profile is not recommended for use in production. Also, it is not possible to grow a Demo profile to a full installation. Step 1 – Download the Virtual Appliance Visit AppDynamics Downloads portal to get the Agents, AppDynamics Platform components, and Virtual Appliance. Ensure you download the correct type for your environment; for VMware, this is the OVA. The download includes everything you need and can be deployed in an air-gapped environment without further internet connectivity. Step 2 – Install the Virtual Appliance through VMWare vSphere Deploying the Virtual Appliance is like any virtual machine from an OVA template. Detailed instructions can be found in the documentation. During deployment, enter the FQDN for the virtual appliance under step 6: Domain Name in the “Customize Template” section. The appliance requires DNS to function correctly; IP addresses alone are insufficient.   For air-gapped environments there is a workaround available using the nip.io wildcard dns resolution or modifying /etc/hosts files. Important: Do not select to auto-start the VM after deployment; additional configuration is required before the first boot. After a successful deployment only the VMware tools need to be enabled in the vApp Options. This step, from deploying the OVA to configuring the settings, should take no more than 15 minutes. Step 3 – First Boot After the initial boot, log in using the default credentials: appduser/changeme. You'll be prompted to change the password immediately. As the system completes its bootstrap tasks, check the status with appdctl show boot. If you encounter an error indicating that https://127.0.0.1/boot is unavailable, don't worry—this simply means the system is still processing its bootstrap tasks. You can monitor progress using watch systemctl status appd-os. This process may take an additional 10 minutes, so a bit of patience—or a quick coffee break—is recommended. After a successful bootstrap, the command appdctl show boot will show the following output. According to our documentation, you're advised to check next the different nodes and review the cluster status. However, as when using the Demo profile installation, you can safely skip this step. Step 4 - Installing AppDynamics Services Now we’re ready to install AppDynamics. So far, the process has been straightforward and quick. For a default installation, there's no need to modify any template files. However, if you'd like to customize the setup, you can edit /var/appd/config/globals.yaml.gotmpl and /var/appd/config/secrets.yaml to adjust the defaults. More information can be found here  To automatically install the license, simply place the license file in the /var/appd/config directory. Alternatively, you have the option to install the license manually later using the appdcli command. For the controller license, execute appdcli license controller <licensefile.lic>, and for the EUM license, use appdcli license eum <licensefile.lic>. Start the installation by running appdcli start appd demo. This command will deploy several Helm charts to install all the necessary components for AppDynamics, including: Controller & Database EUM Server Synthetics Server Events Service Other critical infrastructure services Once the command exits, the installation process continues in the background. You can monitor its progress by executing watch appdcli ping. For more detailed insights into the installation status, use kubectl get pods --all-namespaces or watch kubectl get pods -A | grep -v "Running". These commands will help you track the installation progress until the cisco-controller pod is fully operational, as it often takes the longest to transition to the running state. This process may take around 10 minutes to complete. Step 5 – Start using AppDynamics At this point, your newly configured controller via the Virtual Appliance should be accessible using the DNS name specified in Step 2. By default, the Virtual Appliance generates a self-signed certificate and exposes all services over HTTPS. Unlike traditional AppDynamics installations, the controller is not accessible on port 8090; instead, everything is unified behind a single DNS name, like our SaaS offering. Conclusion Congratulations! If you did the steps along this blog post, you've now successfully deployed the AppDynamics Virtual Appliance in just under 30 minutes. With your test environment up and running, you're now poised to explore the features AppDynamics offers, from application performance monitoring, real user monitoring, database monitoring, anomaly detection, root cause analysis to SecureApplication. This deployment not only serves as a valuable learning tool but also as a foundation for future expansions and integrations. Happy monitoring!
  March 2025 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with this month’s edition of indexEducation, the newsletter that takes an untraditional twist... See more...
  March 2025 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with this month’s edition of indexEducation, the newsletter that takes an untraditional twist on what’s new with Splunk Education. We hope the updates about our courses, certification program, and self-paced training will feed your obsession to learn, grow, and advance your careers. Let’s get started with an index for maximum performance readability: Training You Gotta Take | Things You Needa Know | Places You’ll Wanna Go  Training You Gotta Take All the free stuff | More than 80 courses Sunshine. Smiles. Fresh air. There are still some wonderful things in life that are free. Now, add over 80 free Splunk training courses, and you’ve got the recipe for a really good day. Our self-paced training courses are accessible online – covering a wide range of topics, from basic Splunk functionalities to advanced security operations. By making these resources freely available, Splunk seeks to empower aspiring cybersecurity professionals to develop in-demand skills and enhance their career prospects in a rapidly evolving field. Smile, we got you.  Gotta get some freebies | Get started The latest  | New courses with all the feels You know that feeling you get after a new haircut or when you slip into a fresh cotton t-shirt?  That’s exactly how we feel about our latest course releases in Splunk Education. Whether you’re jumping into the world of Splunk for the first time or sharpening your expertise, we’ve got the perfect fit for your learning style. Each month, Splunk Education announces our freshest course releases – from free eLearning and hands-on labs to interactive, instructor-led courses, our diverse lineup ensures you're always on the cutting edge. Feel good about investing in a fresh new you. Gotta see what’s new | If it’s free it’s me Things You Needa Know Splunk Lantern | What the cool kids are reading No more stumbling in the dark—Splunk Lantern is here to shine a light on the best ways to unlock the full potential of your data! As a Splunk customer success center, Lantern provides expert advice, essential use cases, and practical tips to help you manage Splunk more efficiently. This month, we’re excited to share the top-read content that helped customers achieve more with Splunk. With over 350,000 new users diving into our content this past year, it’s clear that more people than ever are finding value in our insights. Hang out with us on the Lantern site and on the Splunk Community – it’s cool to be schooled.  Needa light things up | Find your use case here Org managers | Get your toolkit We love our STEP Org Managers and they love you, which is why they dedicate their time to help learners like you navigate the Splunk Training and Enablement Platform (STEP). To make their job even easier, we provide them with an Org Manager Toolkit, a resource-packed guide designed to streamline training unit management and support learners through course enrollment. The kits include tips, best practices, team slides, and shareable messaging. If you’re a learner within an organization, get to know your Org Manager and show them some love because you’ll need their blessing before you jump into training. And, org managers, check out the latest kit (it’s in your inbox too). Needa help your learners | Use the toolkit Places You’ll Wanna Go Splunk Blogs | Students rock the SOCs  What do UNLV, LSU, and Cal Poly all have in common – besides their fun culture and cool mascots? Their students are gaining real-world cybersecurity skills in student-powered Security Operations Centers thanks to Splunk Academic Alliance training. Splunk is committed to bridging the gap between classroom learning and real-world security operations through our Academic Alliance program, which provides students and educators with free access to Splunk’s industry-leading software and training. By empowering the future workforce with cutting-edge tools and knowledge, the Splunk Academic Alliance is bridging the cybersecurity talent gap and shaping the leaders of tomorrow. Close the gap, rock the SOC!   Go to the blog | Find out who’s training in the SOC To the Community | At the last minute Whether you’re a procrastinator or on that Sigma grindset, we’ve got you covered. Last Minute Learning from Splunk offers you the option to get more learning courses under your belt faster, or make up for the courses you’ve been putting off. Each week on the Splunk Community blog, we share a list of the upcoming instructor-led classes that still have seats available. Subscribe to all Last Minute Learning opportunities by selecting the Last Minute Learning label on the blog site and select “Subscribe”.  Go to the Community | Last Minute Learning Find Your Way | Learning Bits and Breadcrumbs Go Chat | Join our Community User Group Slack Channel Go Stream It  | The Latest Course Releases (Some with Non-English Captions!) Go Last Minute | Seats Still Available for ILT Go to STEP | Get Upskilled Go Discuss Stuff | Join the Community Go Social | LinkedIn for News Go Index It | Subscribe to our Newsletter   Thanks for sharing a few minutes of your day with us – whether you’re looking to grow your mind, career, or spirit, you can bet your sweet SaaS, we got you. If you think of anything else we may have missed, please reach out to us at indexEducation@splunk.com.  Answer to Index This: Two. The inside and the outside.
Remember Splunk Community member Tom Kopchak? If you caught the first episode of our Smartness interview series, you already know how impactful his journey with Splunk has been. Now, we’re diving eve... See more...
Remember Splunk Community member Tom Kopchak? If you caught the first episode of our Smartness interview series, you already know how impactful his journey with Splunk has been. Now, we’re diving even deeper into his story with a brand-new companion video! Tom shares how Splunk Education played a pivotal role in advancing his career and optimizing Splunk for his organization. From top-tier training to the power of the Splunk Community, his experience highlights just how transformative the right resources can be.  Watch the video now and revisit Tom’s inspiring path in Episode 1. Let his success story spark your next move with Splunk! Inspired by Tom’s journey? Boost your Splunk expertise with the same tools that helped him succeed: Splunk Lantern – Practical insights and real-world solutions. Splunk Docs – Your go-to knowledge base for everything Splunk. Splunk Education – Courses designed to make you a Splunk pro. Splunk Community– Connect, collaborate, and grow with other Splunk users. Splunk Certifications – Validate your skills and take your career to new heights. Tom's tutorials You can learn more about Tom and access some of his great Splunk tutorials right here!    Happy Learning!  -Callie Skokos on behalf of the Splunk Education Crew
How to Deploy AppDynamics Database Agent for MySQL on OpenShift Introduction: Monitoring database performance is crucial for ensuring application stability and efficiency. This guide walks you th... See more...
How to Deploy AppDynamics Database Agent for MySQL on OpenShift Introduction: Monitoring database performance is crucial for ensuring application stability and efficiency. This guide walks you through deploying the AppDynamics Database Agent on OpenShift to monitor a MySQL database. You'll learn how to: Set up a MySQL instance on OpenShift Deploy the AppDynamics Database Agent with proper permissions Configure MySQL monitoring in the AppDynamics Controller UI Verify metrics and troubleshoot potential issues By the end of this guide, you’ll have full visibility into your MySQL performance, including query analysis, resource utilization, and overall health monitoring in AppDynamics.   1. Prerequisites OpenShift Cluster: Access via the oc CLI or the OpenShift Web Console. AppDynamics Controller: You have the host, port, account name, access key. AppDynamics License: Ensure Database Monitoring (MySQL) is licensed. Database Agent Image: Typically docker.io/appdynamics/db-agent or a registry provided by AppDynamics. Basic MySQL Docker image: For this example, we’ll use mysql:8.0 from Docker Hub. 2. Create/Open a New Project In the CLI, for example: oc new-project mydb-project oc project mydb-project 3. Deploy a MySQL Instance on OpenShift Below is a simple YAML for a Deployment and Service. In a real environment, you’d likely set up persistent storage, handle secrets for credentials, etc. # mysql.yaml apiVersion: apps/v1 kind: Deployment metadata: name: mysql-deployment spec: replicas: 1 selector: matchLabels: app: mysql template: metadata: labels: app: mysql spec: containers: - name: mysql image: mysql:8.0 env: - name: MYSQL_ROOT_PASSWORD value: rootpassword - name: MYSQL_DATABASE value: sampledb - name: MYSQL_USER value: appduser - name: MYSQL_PASSWORD value: appdpass ports: - containerPort: 3306 --- apiVersion: v1 kind: Service metadata: name: mysql-service spec: selector: app: mysql ports: - protocol: TCP port: 3306 targetPort: 3306 Apply it: oc apply -f mysql.yaml Check that the pod and service are running: oc get pods oc get svc You should see mysql-deployment-... running and a mysql-service on port 3306 4. Create a Secret for AppDynamics Credentials Store your AppDynamics account access key securely. For example: oc create secret generic appd-secret \ --from-literal=APPDYNAMICS_AGENT_ACCOUNT_ACCESS_KEY=<YOUR-ACCESS-KEY> This secret will be referenced by the Database Agent deployment. 5. Grant the “anyuid” SCC The AppDynamics Database Agent container often tries to run a startup script (start-appdynamics-database-monitoring). In OpenShift’s default restricted SCC, containers run as a random non-root UID. If the script in the image doesn’t have proper permissions for non-root, you get a permission denied error. 5.1 Create a Service Account (Recommended) oc create serviceaccount appd-db-agent-sa 5.2 Give anyuid SCC to That Service Account oc adm policy add-scc-to-user anyuid -z appd-db-agent-sa -n mydb-project Now, the service account appd-db-agent-sa is allowed to run images that require root or any specific UID. Note: This is a quick fix and less secure. A better approach is to build a custom image or ensure the official image has proper file permissions (so it can run under restricted SCC). But for simplicity, we’ll use anyuid in this guide. 6. Deploy the AppDynamics Database Agent Here’s a minimal YAML that uses environment variables (rather than a config file) to configure the agent. It references the secret for the access key and uses the appd-db-agent-sa service account we just created. # appd-db-agent.yaml apiVersion: apps/v1 kind: Deployment metadata: name: appd-database-agent spec: replicas: 1 selector: matchLabels: app: appd-database-agent template: metadata: labels: app: appd-database-agent spec: serviceAccountName: appd-db-agent-sa # <-- Important! containers: - name: db-agent image: docker.io/appdynamics/db-agent:latest env: - name: APPDYNAMICS_CONTROLLER_HOST_NAME value: "my-controller.example.com" - name: APPDYNAMICS_CONTROLLER_PORT value: "443" - name: APPDYNAMICS_CONTROLLER_SSL_ENABLED value: "true" - name: APPDYNAMICS_AGENT_ACCOUNT_NAME value: "myAccount" - name: APPDYNAMICS_AGENT_ACCOUNT_ACCESS_KEY valueFrom: secretKeyRef: name: appd-secret key: APPDYNAMICS_AGENT_ACCOUNT_ACCESS_KEY # Name this agent as it appears in the Controller - name: APPDYNAMICS_DB_AGENT_NAME value: "MyOpenShiftDBAgent" - name: APPDYNAMICS_DB_AGENT_TIER_NAME value: "MyDBTier" - name: APPDYNAMICS_DB_AGENT_NODE_NAME value: "MyDBNode" # For memory management or other Java opts - name: JAVA_OPTS value: "-Xms128m -Xmx512m" Apply it: oc apply -f appd-db-agent.yaml Check pod logs: oc get pods oc logs deployment/appd-database-agent If all goes well, you should see logs indicating it connected to the Controller. If you get a permission denied error, confirm you’re using the serviceAccountName: appd-db-agent-sa and that the SA has the anyuid SCC. 7. Configure MySQL Monitoring in the Controller UI By default, if you only used environment variables, the agent knows how to contact the Controller but doesn’t yet know which MySQL host to monitor. We create a MySQL collector in the AppDynamics UI: Open the AppDynamics Controller in your browser. Navigate to Databases → Agents. Find your agent (e.g., MyOpenShiftDBAgent) and click on it. In the Databases tab, click Add → Add MySQL Collector. Collector Configuration: Display Name: e.g. MyOpenShiftDBAgent Host: mysql-service (assuming your Database Agent is in the same namespace as mysql-service), If in a different namespace, you might need the FQDN: mysql-service.mydb-project.svc.cluster.local Port: 3306 Username: appduser Password: appdpass (Optionally) Tweak advanced fields like Collection Interval, Lock Level, Query Analysis, etc.   Save the collector. Within a couple of minutes, the Database Agent should start collecting MySQL metrics. 8. Verify and View Metrics Once the MySQL collector is set up: In the AppDynamics Controller, go to Databases → Databases. You’ll see a row for your new MySQL collector (e.g., MyOpenShiftDBAgent). Click it to see: Overview: CPU, memory, throughput. Queries: Slow queries, wait stats, top queries, etc. Resources: For deeper performance insights.   Conclusion Deploying the AppDynamics Database Agent alongside MySQL on OpenShift involves: Creating a project, a MySQL deployment, and a service. Setting up the Database Agent container, ensuring it can run the startup script (via SCC or a custom image). Creating a MySQL collector in AppDynamics to specify connection details. Once configured, you’ll see full visibility into your MySQL instance — top queries, performance metrics, and more — in the AppDynamics Controller. Feel free to add screenshots to illustrate each step in both the OpenShift Web Console and the AppDynamics UI.
I can´t get my credit units to book a training. What I can do? thank you!!
Introduction As per a recent CNCF Blog post, Kubernetes and OpenTelemetry are the 1st and 2nd Open Source projects in terms of Project Velocity. Since it’s launch over 10 years ago, Kubernetes... See more...
Introduction As per a recent CNCF Blog post, Kubernetes and OpenTelemetry are the 1st and 2nd Open Source projects in terms of Project Velocity. Since it’s launch over 10 years ago, Kubernetes® has become the standard platform in the software industry for managing containerized applications across a cluster of servers. For newcomers to the observability domain, OpenTelemetry™ provides a standard way to collect telemetry data (metric, logs and traces) from software applications and infrastructure and send it to one or more backends to analyze performance. The backends can be open source (Jaeger or Zipkin, for example), commercial (such as Splunk AppDynamics, Splunk Observability) or both.   To enable faster adoption and showcase instrumentation best practices, the OTel community has built a demo application, OpenTelemetry Community Demo. In this blog, I'll show how to configure the Kubernetes deployment of OpenTelemetry demo to send Trace data to Splunk AppDynamics for further analysis. If you are interested in observing Docker compose deployment of OpenTelemetry Demo application in Splunk AppDynamics then please refer to this other article.  Backstory: Splunk AppDynamics and OpenTelemetry demo  Splunk AppDynamics provides full stack observability of hybrid and on-prem applications and their impact on business performance. In addition to proprietary ingestion format, AppDynamics also supports OpenTelemetry trace ingestion from various language agents (Java, dotnet, python, golang etc.) giving customers more options in how they want to ingest telemetry data.  OpenTelemetry Community Demo is a simulated version of an eCommerce store selling astronomy equipment. The app consists of 14+ microservices communicating with each other via http or grpc. The microservices are built using a variety of programming languages (Java, Javascript, C#, etc.) and instrumented using OpenTelemetry (auto, manual or both). The diagram below shows the data flow and programming languages used.   (Image credit:  OpenTelemetry Demo contributors.)  In addition to the microservices shown here, the demo app also comes with supporting components such as OpenTelemetry Collector, Grafana, Prometheus and Jaeger to export and visualize traces, metrics and so on. The OpenTelemetry Collector is highly configurable. Once exporters for various backends are defined and enabled in the service pipeline, the Collector can be set up to send telemetry data to multiple backends simultaneously. The diagram below shows the OTel demo with supporting components, as well as a dotted line to Splunk AppDynamics, which we will configure in the next section.  Setting up Kubernetes Cluster  Make sure you have access to a Kubernetes (K8s) cluster via kubectl. The cluster can be running locally (e.g. via kind, minikube, Docker Desktop with Kubernetes enabled) or remotely on a cloud provider (e.g. EKS, GKE or AKS). In case you don’t have a readily available K8s cluster you can follow below steps to create it on your local Mac using kind:  brew install kind kind create cluster --name otel-demo Confirm access to your K8s cluster by running below command: kubectl get pods -A It should output below text if connection is successful Using helm, deploy OpenTelemetry demo app in your K8s cluster ( Ref. OpenTelemetry Demo Kubernetes Deployment documentation) brew install helm helm repo add open-telemetry https://open-telemetry.github.io/opentelemetry-helm-charts helm install my-otel-demo open-telemetry/opentelemetry-demo kubectl port-forward svc/my-otel-demo-frontend-proxy 8080:8080 ​​ Confirm otel demo app is working well by going to http://localhost:8080/ and completing an item checkout workflow.  Creating Splunk AppDynamics Credentials Contact your Splunk AppDynamics account representative to set up an AppDynamics account for your company. The account will have a URL format similar to https://<your-company/account-name>.saas.appdynamics.com and will be the central location where you'll see all telemetry data from your applications.   Generate API Key by going to your AppDynamics url >  Otel > Get Started > Access Key. Go to the Processors, Exporters and Service Configuration section and note down the values of below Keys. We will use them in the next section:  appdynamics.controller.account appdynamics.controller.host  Deploying OtelDemo on K8s and observing it in Splunk AppDynamics Next, we create a custom helm values file otel-col-appd.yaml (Ref. bring-your-own-backend) to send trace data to Splunk AppDynamics. As described below, update the file otel-col-appd.yaml in your local Mac. Alternatively, copy the GitHub gist. Make sure there are no yaml validation errors by opening this file in an IDE with yaml support (VSCode etc.). The contents of this file get merged with default helm configuration at runtime to create the consolidated OpenTelemetry Collector configuration.  opentelemetry-collector: config: processors: resource: attributes: - key: appdynamics.controller.account action: upsert value: "from AppD account url > Otel > Configuration > Processor section" - key: appdynamics.controller.host action: upsert value: "from AppD account url > Otel > Configuration > Processor section" - key: appdynamics.controller.port action: upsert value: 443 - key: service.namespace action: upsert value: appd-otel-demo-k8s-kind-mac #custom name for your App batch: timeout: 30s send_batch_size: 90 exporters: otlphttp/appdynamics: endpoint: "from AppD account url > Otel > Configuration > Exporter section" headers: {"x-api-key": "from AppD account url > Otel > Configuration > API Key"} service: pipelines: traces: receivers: [otlp] processors: [resource, batch] exporters: [otlp, spanmetrics, otlphttp/appdynamics] Using below steps install a new helm release in your K8s cluster:  helm uninstall my-otel-demo helm install appd-otel-demo open-telemetry/opentelemetry-demo --values otel-col-appd.yaml Wait for a few minutes until all the pods are running kubectl port-forward svc/my-otel-demo-frontend-proxy 8080:8080 Confirm you can access OpenTelemetry demo app UI at ​​​​http://localhost:8080/  Next, Login to your Splunk AppDynamics  URL. You'll then see a service flow map that shows various microservices and the interactions between them.   Click the Tree view to display key APM metrics such as Avg Response Time, Calls/min and Errors/min etc.  An observability platform should be able to detect an increase in error rates of the microservices it’s monitoring. Fortunately, the OpenTelemetry demo has an error injection capability via feature flags to test this functionality. Go to the feature flag UI at ​http://localhost:8080/feature/ and enable the productCatalogFailure feature flag. This will cause the product catalog service to return an error to frontend service for a specific product ID and respond correctly to all other product IDs. Note the increase in error rate in home page. To view errors details, click on Troubleshoot > Errors > Error Transactions > Details. AppDynamics accurately captures the error reason as ”Product Catalog Feature Flag Enabled”. AppDynamics provides health rules and alerts functionality to respond quickly to such situations.  Conclusion The OpenTelemetry Community Demo application is a valuable and safe tool for learning about OpenTelemetry and instrumentation best practices. In this blog, we showed how to configure the K8s deployment of demo app to send telemetry data to Splunk AppDynamics. We also explored some key Splunk AppDynamics features such as FlowMap, APM metrics, and an observed increase in error rates via a fault-injection scenario.  
At Splunk Education, we’re dedicated to providing incredible learning experiences that cater to every skill level and learning style. Whether you’re a beginner dipping your toe into Splunk for the fi... See more...
At Splunk Education, we’re dedicated to providing incredible learning experiences that cater to every skill level and learning style. Whether you’re a beginner dipping your toe into Splunk for the first time or a seasoned professional looking to refine advanced skills, our wide variety of educational resources ensures that you’re always prepared for the next step in your journey. Our Diverse Course Offerings We’ve got you covered with a variety of learning options! Start strong with Free eLearning, dive deep with eLearning with Labs for hands-on practice, or benefit from Instructor-led Courses that provide interactive, expert-led sessions. Plus, don’t forget to validate your skills with Splunk Certifications. For those quick tips and insights, check out our Splunk YouTube How-Tos and Splunk Lantern, where you can access the latest guidance and best practices. Fresh Courses Just Released We’re thrilled to announce the latest additions to our course catalog! Every month, we release fresh content to keep you ahead of the curve. Whether you prefer the flexibility of self-paced eLearning or the structure of live, instructor-led courses, we have something for everyone. This month, we’re unveiling these four new free eLearning courses for Security:   ES 8.0 Updates for the Splunk SOC (Enroll) Introduction to Detection Engineering with Splunk (Enroll) Splunk Security Use Case Development: Using ESCU and Security Essentials (Enroll) SOC Essentials: Introduction to Threat Hunting (Enroll) Plus, two new eLearning with Labs courses – one for Platform and one for Security: Platform: Creating Classic Dashboards (Enroll) Security: Using Prompts in Splunk SOAR Playbooks (Enroll) These courses provide essential insights into areas like security operations and observability, crucial for anyone looking to enhance their data-driven capabilities. Explore them now through the Splunk Course Catalog.  Global Learning, Now More Accessible We continue to expand our language offerings and add non-English captions to our eLearning content. This ensures that learners around the world can enhance their Splunk expertise in their preferred language, furthering our vision of a globally inclusive educational ecosystem. This month, we’re pleased to announce a new free, eLearning with Japanese captions: Understanding Threats and Attacks (Enroll)   Every month brings new learning opportunities to expand your knowledge, boost your career, and strengthen enterprise resilience. Stay on top of the latest course offerings and take the next step toward Splunk mastery – your next career breakthrough could be just one course away. We look forward to seeing you next month! — Callie Skokos on behalf of the Splunk Education Crew
When deploying Splunk AppDynamics on-premises, you will have access to the controller app server on ports: Name Port Description Controller App Server (Primary) 8090 HTTP Controller App... See more...
When deploying Splunk AppDynamics on-premises, you will have access to the controller app server on ports: Name Port Description Controller App Server (Primary) 8090 HTTP Controller App Server (SSL) 8181 HTTPs   However, when you open the controller in the browser on port 8181, you might get this error:   The error means that the CN and SAN values of the generated self-signed certificate (most probably the values are: localhost, for both) doesn't match your hostname you are using to open the controller page in the browser. There are two options to solve this issue: Option 1 Generate a new SSL certificate with CN and SAN same as the hostname of the server. You can check the documentation here at Secure the Platform > Controller SSL and Certificates on how to generate the new certificate. Option 2 Disable the SNI Host Check on Jetty (Read more: jetty.ssl.sniHostCheck). This solution is applicable for Enterprise Console >=23.11 where the Controller uses Jetty Application server instead of GlassFish.  This is not a permanent solution as the below changes will revert whenever jetty is upgraded. It solves the problem until the next controller upgrade (specifically Jetty version upgrade). This workaround needs to be documented. This option involves changing the default value of sniHostCheck from true to false. And to do it, the steps are straightforward. I assume you installed your Splunk AppDynamics controller instance on a Linux server/VM.   $ cd /opt/appdynamics/platform/product/controller/appserver/jetty/etc $ cat jetty-ssl.xml <?xml version="1.0"?><!DOCTYPE Configure PUBLIC "-//Jetty//Configure//EN" "http://www.eclipse.org/jetty/configure_9_3.dtd"> <!-- ============================================================= --> <!-- Base SSL configuration --> <!-- This configuration needs to be used together with 1 or more --> <!-- of jetty-https.xml or jetty-http2.xml --> <!-- ============================================================= --> <Configure id="Server" class="org.eclipse.jetty.server.Server"> <!-- =========================================================== --> <!-- Create a TLS specific HttpConfiguration based on the --> <!-- common HttpConfiguration defined in jetty.xml --> <!-- Add a SecureRequestCustomizer to extract certificate and --> <!-- session information --> <!-- =========================================================== --> <New id="sslHttpConfig" class="org.eclipse.jetty.server.HttpConfiguration"> <Arg><Ref refid="httpConfig"/></Arg> <Call name="addCustomizer"> <Arg> <New class="org.eclipse.jetty.server.SecureRequestCustomizer"> <Arg name="sniRequired" type="boolean"><Property name="jetty.ssl.sniRequired" default="false"/></Arg> <Arg name="sniHostCheck" type="boolean"><Property name="jetty.ssl.sniHostCheck" default="true"/></Arg> <Arg name="stsMaxAgeSeconds" type="int"><Property name="jetty.ssl.stsMaxAgeSeconds" default="-1"/></Arg> <Arg name="stsIncludeSubdomains" type="boolean"><Property name="jetty.ssl.stsIncludeSubdomains" default="false"/></Arg> </New> </Arg> </Call> </New> </Configure>   As seen in the output of the jetty-ssl.xml file, the Property default value is "true".   <Arg name="sniHostCheck" type="boolean"><Property name="jetty.ssl.sniHostCheck" default="true"/></Arg>   And needs to be changed to "false"   <Arg name="sniHostCheck" type="boolean"><Property name="jetty.ssl.sniHostCheck" default="false"/></Arg>   You will need to do the same change in jetty-ssl.xml.j2 file as well. Changing the SNI host check value to false bypasses the check of whether the certificate sent to the client matches the Host header. Finally, restart the controller app server. After the restart is completed, you will be able to open your Splunk AppDynamics controller via HTTPs on port 8181.  Thanks, Osama Abbas
The Splunk Community is a powerful network of users, educators, and organizations working together to tackle one of the biggest challenges in cybersecurity today—building the next generation of skill... See more...
The Splunk Community is a powerful network of users, educators, and organizations working together to tackle one of the biggest challenges in cybersecurity today—building the next generation of skilled professionals. Splunk is committed to bridging the gap between classroom learning and real-world security operations through our Academic Alliance program, which provides students and educators with free access to Splunk’s industry-leading software and training. Read the full blog from Eric Fusilero, VP of Global Enablement and Education, who shares how the Splunk Academic Alliance equips students with training, SOC experience, and certifications to launch cybersecurity careers. Through hands-on experience with Splunk, students at universities like UNLV, LSU, and Cal Poly are gaining real-world cybersecurity skills in student-run Security Operations Centers (SOCs). These programs allow students to actively monitor and respond to cyber threats, preparing them to step confidently into critical cybersecurity roles after graduation. By empowering the future workforce with cutting-edge tools and knowledge, we’re not just filling the cybersecurity talent gap—we’re shaping the leaders of tomorrow. Read more about how Splunk is helping students move from the classroom to their careers in the blog here: Bridging the Gap: Splunk Helps Students Move from Classroom to Career.
Any advise on Roadmap to study (with course listed) and get Splunk Engineer job? Thanks in advance